Director, Security Engineering

Why N-able

N-able is seeking a Director, Security Architecture and Engineering to come join us on our exciting journey of growth! Our vision is to enable the digital evolution of small and medium size businesses. We believe that by putting our People, Partners and Products first that we will be able to continue the growth of our business.

The N-able team is looking someone to lead the company's security architecture and engineering program. This role reports directly to our CISO and is focused on working with the company's security policy, risk and compliance and security program management teams to evaluate and develop capabilities protect against information security risks in a manner that meets compliance and regulatory requirements and aligns with and supports the risk posture of the enterprise.

This position will foster relationships with leaders across the business and divisions while collaborating with partners in security, legal, risk, compliance, and technology groups. He/she will also oversee a variety of cybersecurity activities including application, infrastructure, network, identity platform technology security for the company. This position is also critical to establishing and maintaining secure software development practices by facilitating threat modeling, security testing, code analysis, implementing security detections, defense strategies, and consulting with engineering teams on security best practices for architecture and DevOps processes.

This position requires a proven leader with strong skills in business management and a detailed working knowledge of information security technologies and will proactively work with technology and businesses stakeholders to implement practices that meet defined policies and standards for information security.

What You'll Do

• Develop, implement, and oversee the company's application security and security architecture teams, driving forward a cyber security roadmap (tools, technologies, methodologies) with the goal of reducing enterprise risk

• Oversee a team that designs next-generation multi-disciplined information security capabilities in support of the corporate strategy

• Drive a cross-organization security strategy, with a shift-left approach, to ensure security is effectively integrated from software design and through release

• Drive innovation in new methods and approaches to security architecture

• Evaluate, develop and integrate new application security tools and methods into the organization, helping to improve our products security posture

• Evaluate program maturity and improvements through widely accepted frameworks(BSIMM or SAMM)

What You'll Bring

• 10+ years of progressive leadership experience in computing and information security, including experience with internet technology and security issues.

• 7-10 years of software development, DevOps and/or cloud architecture (AWS, GCP or Azure) experience

• Hands on experience designing and deploying security controls across all security domains such as access management, data protection, vulnerability management, incident response and management, application security, network security, preventive, detective and offensive security solutions

• Practical knowledge of secure coding practices (including OWASP, CIS)

• Experience building a SaaS application product utilizing a combination of modern DevOps tools (Jenkins, Chef, Puppet, JIRA, Bamboo, etc.)

• Proven experience implementing an Information Security Program aligned with FedRamp, NIST 800-53, NIST CSF, ISO 27001/27017, AICPA SOC 2 (NIST and ISO listed at a minimum)

Interpersonal Skills:

• Must be an intelligent, articulate, consensus building and persuasive leader who can serve as an effective member of the senior management team and communicate information security-related concepts to a broad range of technical and non-technical team members at all levels of the organization

• Must be a team player with great verbal and written communication skills

• Must be a superb relationship builder with the ability to work across groups within a global organization

• Experience reporting program progress to executive leadership and/or the board of directors

Purple Perks

What do we offer you?

• Medical, dental and vision - for employee, partner, and children!

• Generous PTO and observed holidays

• 2 Paid VoluNteer Days per year

• Pension Plan with company-contribution

• Employee Stock Purchase Program

• Discounted gym access at several local facilities

• FuN-raising opportunities as part of our giving program

• N-ablite Learning - custom learning experience as part of our investment in you

• The Way We Work - our hybrid working model based on trust and flexibility

About N-able

At N-able, Inc. (NYSE: NABL), we are a global software company that turns IT possibilities into capabilities. That means we partner with technology leaders who support companies around the world by offering secure infrastructure and tools to navigate their evolving IT needs. We build strong relationships with our customers to help them thrive at every stage of growth, and at the heart of this effort is our network of N-ablites-a global team of extraordinary, diverse creators who are dedicated to making a difference in how our partners do IT.

#LI-ZP1 #LI-Hybrid

• 10+ years of progressive leadership experience in computing and information security, including experience with internet technology and security issues.

• 7-10 years of software development, DevOps and/or cloud architecture (AWS, GCP or Azure) experience

• Hands on experience designing and deploying security controls across all security domains such as access management, data protection, vulnerability management, incident response and management, application security, network security, preventive, detective and offensive security solutions

• Practical knowledge of secure coding practices (including OWASP, CIS)

• Experience building a SaaS application product utilizing a combination of modern DevOps tools (Jenkins, Chef, Puppet, JIRA, Bamboo, etc.)

• Proven experience implementing an Information Security Program aligned with FedRamp, NIST 800-53, NIST CSF, ISO 27001/27017, AICPA SOC 2 (NIST and ISO listed at a minimum)

Interpersonal Skills:

• Must be an intelligent, articulate, consensus building and persuasive leader who can serve as an effective member of the senior management team and communicate information security-related concepts to a broad range of technical and non-technical team members at all levels of the organization

• Must be a team player with great verbal and written communication skills

• Must be a superb relationship builder with the ability to work across groups within a global organization

• Experience reporting program progress to executive leadership and/or the board of directors

• Develop, implement, and oversee the company's application security and security architecture teams, driving forward a cyber security roadmap (tools, technologies, methodologies) with the goal of reducing enterprise risk

• Oversee a team that designs next-generation multi-disciplined information security capabilities in support of the corporate strategy

• Drive a cross-organization security strategy, with a shift-left approach, to ensure security is effectively integrated from software design and through release

• Drive innovation in new methods and approaches to security architecture

• Evaluate, develop and integrate new application security tools and methods into the organization, helping to improve our products security posture

• Evaluate program maturity and improvements through widely accepted frameworks(BSIMM or SAMM)